$ rpki-client -vvf rpki.apnic.net/member_repository/A91C79E1/6556F8DAD78411EA9C5D9640C4F9AE02/kzrI56xL07WCmJ_Mty_JJ9cWQks.mft File: kzrI56xL07WCmJ_Mty_JJ9cWQks.mft (raw, json) Hash identifier: UH4H8Ut0VQ+kVcRSpkcT0s09A0/0YJ7SAoEwj10X+B4= Subject key identifier: 1B:DE:9B:E8:4A:EC:BA:AF:D3:3B:6C:B1:FD:A6:38:3F:CF:F9:82:0E Authority key identifier: 93:3A:C8:E7:AC:4B:D3:B5:82:98:9F:CC:B7:2F:C9:27:D7:16:42:4B Certificate issuer: /CN=A91C79E1/serialNumber=933AC8E7AC4BD3B582989FCCB72FC927D716424B Certificate serial: 0836 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrI56xL07WCmJ_Mty_JJ9cWQks.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C79E1/6556F8DAD78411EA9C5D9640C4F9AE02/kzrI56xL07WCmJ_Mty_JJ9cWQks.mft Manifest number: 0830 Signing time: Sun 20 Jul 2025 20:52:52 +0000 Manifest this update: Sun 20 Jul 2025 20:52:52 +0000 Manifest next update: Sun 27 Jul 2025 20:52:51 +0000 Files and hashes: 1: kzrI56xL07WCmJ_Mty_JJ9cWQks.crl (hash: Go6UHrxFsuJ7imC7bwpsy5opJ2xeIpbGaGkRIsorfF8=) 2: 26D0F9B82A6611ECB12FB439C4F9AE02.roa (hash: o8uKSFAZOoKiAV/aw+gEXp611EqrXFJMlAGF3VnwD9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C79E1/6556F8DAD78411EA9C5D9640C4F9AE02/kzrI56xL07WCmJ_Mty_JJ9cWQks.crl rsync://rpki.apnic.net/member_repository/A91C79E1/6556F8DAD78411EA9C5D9640C4F9AE02/kzrI56xL07WCmJ_Mty_JJ9cWQks.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrI56xL07WCmJ_Mty_JJ9cWQks.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 20:52:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2102 (0x836) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C79E1, serialNumber=933AC8E7AC4BD3B582989FCCB72FC927D716424B Validity Not Before: Jul 20 20:52:52 2025 GMT Not After : Jul 27 20:52:51 2025 GMT Subject: CN=687d5724-f658 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:42:dd:1c:66:fd:27:af:f6:5c:4d:0f:b2:1c: ce:89:36:2a:61:97:57:9a:43:b4:14:74:37:00:4a: 73:3f:81:9a:e7:18:27:c9:c5:6b:ae:66:b9:15:fb: cd:04:d3:7d:e1:92:f5:0b:c1:25:2f:b3:84:88:9c: bf:f7:be:1c:a7:ce:82:bc:19:99:f2:e0:09:3a:b5: 52:df:c9:f9:16:27:d6:f3:80:be:63:34:87:3a:e6: a7:30:89:64:24:9e:40:5d:61:6c:cd:e8:fe:cf:16: fb:e4:24:b8:6d:0a:f7:49:c6:c2:b1:2a:81:6c:34: c4:d9:ae:ea:d8:8e:f5:58:23:43:68:d3:bc:94:cd: 8f:76:79:41:0a:c2:08:4e:bd:94:00:f4:4e:e0:1b: 0d:a4:8b:8f:8a:fd:3e:c3:38:1a:ce:26:3b:8a:ac: 2b:c0:be:e7:97:b9:4a:d3:64:1a:f1:36:b8:b3:74: dc:81:c9:bc:2c:62:bb:30:bb:a7:99:13:49:f5:6a: d0:aa:02:cf:d1:12:2d:9b:58:48:61:63:a8:6f:be: de:fc:d4:c6:fd:6c:74:5a:e3:a4:03:af:9c:44:5f: 3a:20:8e:f5:05:be:3e:e5:0b:f2:eb:72:64:c0:af: bd:0b:c4:97:b7:f1:f2:f8:f8:1c:0c:15:f1:0d:d5: fa:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:DE:9B:E8:4A:EC:BA:AF:D3:3B:6C:B1:FD:A6:38:3F:CF:F9:82:0E X509v3 Authority Key Identifier: keyid:93:3A:C8:E7:AC:4B:D3:B5:82:98:9F:CC:B7:2F:C9:27:D7:16:42:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C79E1/6556F8DAD78411EA9C5D9640C4F9AE02/kzrI56xL07WCmJ_Mty_JJ9cWQks.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrI56xL07WCmJ_Mty_JJ9cWQks.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C79E1/6556F8DAD78411EA9C5D9640C4F9AE02/kzrI56xL07WCmJ_Mty_JJ9cWQks.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:72:e5:dc:56:43:11:5e:0a:0f:ca:03:79:a5:92:ea:d4:35: 86:2b:ad:f2:28:52:0f:47:88:5b:f7:22:d0:95:08:a0:a6:98: e0:a0:2e:05:b8:d5:f8:84:21:68:d6:e4:da:96:c5:f8:96:06: d5:5a:ef:ef:aa:ee:70:25:e4:82:ad:d3:02:f9:e6:b2:2e:c1: 5f:9d:e9:0a:52:79:7b:73:62:08:7b:c1:82:bc:f3:92:aa:b9: 93:d3:af:63:e6:6c:fe:9d:ce:a6:a7:e8:9b:7f:03:e0:9b:be: 0f:bb:09:b5:52:46:8f:11:c2:80:da:f1:d9:6a:d3:dc:03:a3: e8:6b:0e:d7:64:9c:15:04:79:04:18:31:b4:1d:48:63:33:cf: 41:db:b2:bb:30:da:96:ec:81:61:ed:cf:fa:e5:44:74:46:b0: a9:71:c2:01:6c:02:18:81:c9:e4:a2:e9:93:13:bc:22:54:79: 76:94:93:32:dc:2b:bf:6e:16:6b:56:d3:3e:c0:cd:42:24:b9: 0d:ef:95:0d:0e:e3:0a:09:e5:fe:fc:db:03:fb:c7:d4:b1:92: cc:4c:fd:04:3e:57:de:ae:23:4e:5a:34:e4:80:47:ef:31:37: d9:e8:8e:a9:0e:86:96:72:cd:7e:5d:cc:3b:0f:4b:d6:03:3f: dc:02:34:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc5RTExMTAvBgNVBAUTKDkzM0FDOEU3QUM0QkQzQjU4Mjk4OUZDQ0I3MkZDOTI3 RDcxNjQyNEIwHhcNMjUwNzIwMjA1MjUyWhcNMjUwNzI3MjA1MjUxWjAYMRYwFAYD VQQDEw02ODdkNTcyNC1mNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvkLdHGb9J6/2XE0PshzOiTYqYZdXmkO0FHQ3AEpzP4Ga5xgnycVrrma5FfvN BNN94ZL1C8ElL7OEiJy/974cp86CvBmZ8uAJOrVS38n5FifW84C+YzSHOuanMIlk JJ5AXWFszej+zxb75CS4bQr3ScbCsSqBbDTE2a7q2I71WCNDaNO8lM2PdnlBCsII Tr2UAPRO4BsNpIuPiv0+wzgaziY7iqwrwL7nl7lK02Qa8Ta4s3Tcgcm8LGK7MLun mRNJ9WrQqgLP0RItm1hIYWOob77e/NTG/Wx0WuOkA6+cRF86II71Bb4+5Qvy63Jk wK+9C8SXt/Hy+PgcDBXxDdX6hwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBvem+hK 7Lqv0ztssf2mOD/P+YIOMB8GA1UdIwQYMBaAFJM6yOesS9O1gpifzLcvySfXFkJL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzlFMS82NTU2RjhEQUQ3 ODQxMUVBOUM1RDk2NDBDNEY5QUUwMi9renJJNTZ4TDA3V0NtSl9NdHlfSko5Y1dR a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6ckk1NnhMMDdXQ21KX010eV9KSjljV1Frcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NzlFMS82NTU2RjhEQUQ3ODQxMUVBOUM1RDk2NDBDNEY5QUUwMi9renJJNTZ4TDA3 V0NtSl9NdHlfSko5Y1dRa3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKcuXcVkMRXgoPygN5pZLq1DWGK63yKFIPR4hb9yLQlQigppjgoC4F uNX4hCFo1uTalsX4lgbVWu/vqu5wJeSCrdMC+eayLsFfnekKUnl7c2IIe8GCvPOS qrmT069j5mz+nc6mp+ibfwPgm74Puwm1UkaPEcKA2vHZatPcA6Poaw7XZJwVBHkE GDG0HUhjM89B27K7MNqW7IFh7c/65UR0RrCpccIBbAIYgcnkoumTE7wiVHl2lJMy 3Cu/bhZrVtM+wM1CJLkN75UNDuMKCeX+/NsD+8fUsZLMTP0EPlferiNOWjTkgEfv MTfZ6I6pDoaWcs1+Xcw7D0vWAz/cAjQy -----END CERTIFICATE-----Generated at Mon Jul 21 13:23:55 2025 by rpki-client